package com.weixx.jdbc.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @Auther weixx
 * @Date 2022/1/17
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override//重写授权规则
    protected void configure(HttpSecurity http) throws Exception {
        //首页所有人可以访问
        //功能页只有对应有权限的人才能访问
        http.authorizeRequests().antMatchers("/").permitAll()
                .antMatchers("/list").hasRole("vip1");



        //没有权限会到登录页面,也可以定制自己的登录页，设置跳转即可
        http.formLogin();

        //开启了注销功能
       //http.logout();
        // .logoutSuccessUrl("/"); 注销成功来到首页
        http.logout().logoutSuccessUrl("/");

        //开启记住我功能
        http.rememberMe();
    }





    @Override//重写认证规则
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //正常应该从数据库读

        //认证 spring2.1.x可以直接使用
        //密码编码：PasswordEncoder
        //在spring security 5.0+新增了很多加密方法
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("weixx")
                .password(new BCryptPasswordEncoder()
                        .encode("123"))
                .roles("vip1");

    }
}
